package net.joyphper.commons.security;

import java.util.concurrent.TimeUnit;

import javax.servlet.http.HttpServletRequest;

import net.joyphper.commons.Constants;
import net.joyphper.commons.Encrypt;
import net.joyphper.enums.UserStatus;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.BoundValueOperations;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

@SuppressWarnings({"rawtypes","unchecked"})
public class SecurityUtil{
	@Autowired
	private RedisTemplate redisTemplate;
	
	/**
	 * 生成用户密码
	 * @param loginMail 用户登录的Email地址
	 * @param loginPwd  用户登录使用的密码，是经过 sha1加密过的
	 * @return
	 */
	public String genPwd(String loginName,String loginPwd){
		return Encrypt.md5(loginName.trim()+loginPwd.toUpperCase());
	}
	/**
	 * 将用户信息写入到缓存中
	 * @param user
	 * @throws Exception
	 */
	public void setAuth(Auth auth){
		
		HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
		
		String sid =SidCookie.getSidCookie(request);
		
		BoundValueOperations<String,Auth> boundValue = this.redisTemplate.boundValueOps(Constants.AUTH_LOGIN_SIGN+":"+sid);
		boundValue.set(auth,30, TimeUnit.MINUTES); 
	}
	
	/**
	 * 获取登录用户信息
	 * @return
	 * @throws Exception
	 */
	public Auth getAuth(){
		
		HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
		Auth auth = (Auth)request.getAttribute("__auth");
		if(auth == null){
			String sid =SidCookie.getSidCookie(request);
			
			BoundValueOperations<String,Auth> boundValue = this.redisTemplate.boundValueOps(Constants.AUTH_LOGIN_SIGN+":"+sid);
			
			if(boundValue.getExpire() <0){
				auth =new Auth(null,"Anonymous",UserStatus.OK,null,null,null);
			}else{
				auth = boundValue.get();
				//将用户信息的过期时间重新更新到30分钟
				boundValue.set(auth ,30, TimeUnit.MINUTES);
			}
			auth.setSid(sid);
		}
		return auth;
	}
	
	/**
	 * 销毁登录用户信息
	 * @throws Exception
	 */
	public void destroyAuth(){
		
		HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
		
		String sid =SidCookie.getSidCookie(request);
		
		BoundValueOperations<String,Auth> boundValue = this.redisTemplate.boundValueOps(Constants.AUTH_LOGIN_SIGN+":"+sid);
		
		if(boundValue.getExpire() >=0){
			boundValue.expire(-1 , TimeUnit.SECONDS);
		}
	}

	/**
	 * 将验证码写入到缓存中
	 * @param captcha
	 */
	public void setCaptcha(String captcha){
		
		HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
		
		String sid =SidCookie.getSidCookie(request);
		
		BoundValueOperations<String, String> boundValue = this.redisTemplate.boundValueOps(Constants.VERIFY_CODE_SIGN+":"+sid);

		boundValue.set(captcha);
		
		boundValue.expire(10 * 60 , TimeUnit.SECONDS); //验证码的有效期为10分钟
	}
	
	/**
	 * 从缓存中取出验证码
	 * @param sRand
	 */
	public boolean compareCaptcha(String captcha){
		
		HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
		
		String sid =SidCookie.getSidCookie(request);
		
		BoundValueOperations<String, String> boundValue = this.redisTemplate.boundValueOps(Constants.VERIFY_CODE_SIGN+":"+sid);
		
		String sRand = boundValue.get();
		
		boundValue.expire(-1, TimeUnit.SECONDS); //让验证码立即过期
		
		return captcha !=null && sRand!=null && captcha.trim().toLowerCase().equals(sRand.trim().toLowerCase());
	}
}
